Skip to content

(#129) ls pwd rotation support#143

Merged
TheLydonKing merged 11 commits intomasterfrom
feature/129-ls-pwd-rotation-support
Sep 25, 2025
Merged

(#129) ls pwd rotation support#143
TheLydonKing merged 11 commits intomasterfrom
feature/129-ls-pwd-rotation-support

Conversation

@TheLydonKing
Copy link
Collaborator

@TheLydonKing TheLydonKing commented Sep 18, 2025

Release Notes:

  • Added Option for AWS SSM Paramter Store as alternative to AWS Secrets manager for storing credentials
  • Updated Tests to support the new addition
  • Updated ReadMe to indicate how to implement.

@TheLydonKing TheLydonKing self-assigned this Sep 18, 2025
@github-actions
Copy link

github-actions bot commented Sep 18, 2025
edited
Loading

Report: Report: api - scala:2.12.17

Metric (instruction) Coverage Threshold Status
Overall 68.71% 43.0%
Changed Files 45.03% 70.0%
File Path Coverage Threshold Status
AwsSecretsUtils.scala 0.0% 0.0%
AwsSsmUtils.scala 69.66% 0.0%
ServiceAccountConfig.scala 65.44% 0.0%

dk1844
dk1844 reviewed Sep 19, 2025
View reviewed changes
Copy link
Collaborator

@dk1844 dk1844 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I originally wondered if no mention of "parameter store" is an issue, but looking at how the AWS API is named, it makes sense that "SSM" and "getParameter" makes this clear enough.

Nicely done, just please add some of the tests suggested below if possible

api/src/main/resources/example.application.yaml
Comment on lines +81 to +85
#aws-systems-manager-account
#parameter: "parameter path"
#decrypt-if-secure: true
#username-field-name: "username"
#password-field-name: "password"
Copy link
Collaborator

@dk1844 dk1844 Sep 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like the fact that you made it more configurable than other internal tools that can rely more directly on how the username+password fields are, this is welcome for an OSS project!

@TheLydonKing TheLydonKing requested a review from dk1844 September 22, 2025 11:58
dk1844
dk1844 reviewed Sep 23, 2025
View reviewed changes
Copy link
Collaborator

@dk1844 dk1844 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for bashing, but let's use mocking instead of custom-tailored TestClass implementation approach

dk1844
dk1844 approved these changes Sep 24, 2025
View reviewed changes
Copy link
Collaborator

@dk1844 dk1844 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

(the thenAnswer/thenReturn difference is a small thing not blocking merge in my view)

api/src/test/scala/za/co/absa/loginsvc/rest/config/auth/AwsSecretsLdapUserConfigTest.scala
Comment on lines +35 to +39
.thenAnswer(_ =>
Some(AwsSecret(Map(
"accountName" -> "ldap-user123",
"accountPwd" -> "password456"),
Instant.now())))
Copy link
Collaborator

@dk1844 dk1844 Sep 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why have you decided to complicate with thenAnswer? (multiple places)

I mean:
when(...).thenAnswer(_ => ...) when the simpler when(...).thenResult(...) would have sufficed.

But at least I learned a bit more about thenAnswer (I have not used that that much before).

Suggested change
.thenAnswer(_ =>
Some(AwsSecret(Map(
"accountName" -> "ldap-user123",
"accountPwd" -> "password456"),
Instant.now())))
.thenResult(
Some(AwsSecret(Map(
"accountName" -> "ldap-user123",
"accountPwd" -> "password456"),
Instant.now())))

Copy link
Collaborator Author

@TheLydonKing TheLydonKing Sep 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wasn't aware of .thenResult as the practice I've had withMockito only used .theAnswer.

Will keep it in mind for future.

@TheLydonKing TheLydonKing merged commit 8cb7a6a into master Sep 25, 2025
3 of 4 checks passed
@dk1844 dk1844 added the enhancement New feature or request label Oct 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dk1844 dk1844 dk1844 approved these changes

@jakipatryk jakipatryk Awaiting requested review from jakipatryk jakipatryk is a code owner

Assignees

@TheLydonKing TheLydonKing

Labels

enhancement New feature or request tested

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@TheLydonKing @dk1844